/*     */ package com.zimbra.cs.security.sasl;
/*     */ 
/*     */ import com.zimbra.common.account.Key.AccountBy;
/*     */ import com.zimbra.common.service.ServiceException;
/*     */ import com.zimbra.cs.account.Account;
/*     */ import com.zimbra.cs.account.AuthToken;
/*     */ import com.zimbra.cs.account.AuthTokenException;
/*     */ import com.zimbra.cs.account.Provisioning;
/*     */ import com.zimbra.cs.account.ZimbraAuthToken;
/*     */ import com.zimbra.cs.account.auth.AuthContext.Protocol;
/*     */ import com.zimbra.cs.service.AuthProvider;
/*     */ import java.io.IOException;
/*     */ import java.io.InputStream;
/*     */ import java.io.OutputStream;
/*     */ import javax.security.sasl.SaslServer;
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ public class ZimbraAuthenticator
/*     */   extends Authenticator
/*     */ {
/*     */   public static final String MECHANISM = "X-ZIMBRA";
/*     */   
/*     */   public ZimbraAuthenticator(AuthenticatorUser user)
/*     */   {
/*  39 */     super("X-ZIMBRA", user);
/*     */   }
/*     */   
/*     */ 
/*  43 */   protected boolean isSupported() { return true; }
/*     */   
/*  45 */   public boolean initialize() { return true; }
/*     */   
/*     */   public void dispose() {}
/*  48 */   public boolean isEncryptionEnabled() { return false; }
/*     */   
/*  50 */   public InputStream unwrap(InputStream is) { return null; }
/*  51 */   public OutputStream wrap(OutputStream os) { return null; }
/*     */   
/*  53 */   public SaslServer getSaslServer() { return null; }
/*     */   
/*     */   public void handle(byte[] data) throws IOException {
/*  56 */     if (isComplete()) {
/*  57 */       throw new IllegalStateException("Authentication already completed");
/*     */     }
/*  59 */     String message = new String(data, "utf-8");
/*     */     
/*  61 */     int nul1 = message.indexOf(0);int nul2 = message.indexOf(0, nul1 + 1);
/*  62 */     if ((nul1 == -1) || (nul2 == -1)) {
/*  63 */       sendBadRequest();
/*  64 */       return;
/*     */     }
/*  66 */     String authorizeId = message.substring(0, nul1);
/*  67 */     String authenticateId = message.substring(nul1 + 1, nul2);
/*  68 */     String authtoken = message.substring(nul2 + 1);
/*  69 */     authenticate(authorizeId, authenticateId, authtoken);
/*     */   }
/*     */   
/*     */   public Account authenticate(String username, String authenticateId, String authtoken, AuthContext.Protocol protocol, String origRemoteIp, String remoteIp, String userAgent)
/*     */     throws ServiceException
/*     */   {
/*  75 */     if ((authenticateId == null) || (authenticateId.equals(""))) {
/*  76 */       return null;
/*     */     }
/*     */     
/*  79 */     Provisioning prov = Provisioning.getInstance();
/*     */     AuthToken at;
/*     */     try {
/*  82 */       at = ZimbraAuthToken.getAuthToken(authtoken);
/*     */     } catch (AuthTokenException e) {
/*  84 */       return null;
/*     */     }
/*     */     try
/*     */     {
/*  88 */       AuthProvider.validateAuthToken(prov, at, false);
/*     */     } catch (ServiceException e) {
/*  90 */       return null;
/*     */     }
/*     */     
/*     */ 
/*  94 */     Account authAccount = prov.get(Key.AccountBy.name, authenticateId, at);
/*  95 */     if (authAccount == null) {
/*  96 */       return null;
/*     */     }
/*     */     
/*  99 */     if (!at.getAccountId().equalsIgnoreCase(authAccount.getId())) {
/* 100 */       return null;
/*     */     }
/*     */     
/* 103 */     Account targetAcct = authorize(authAccount, username, AuthToken.isAnyAdmin(at));
/* 104 */     if (targetAcct != null)
/* 105 */       prov.accountAuthed(authAccount);
/* 106 */     return targetAcct;
/*     */   }
/*     */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/cs/security/sasl/ZimbraAuthenticator.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */